4421 matches found
CVE-2010-0438
Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Request System OTRS 2.1.x before 2.1.9, 2.2.x before 2.2.9, 2.3.x before 2.3.5, and 2.4.x before 2.4.7 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors...
OCS Inventory NG Server <= 1.3b3 (login) Remote Authentication Bypass
OCS Inventory NG Server <= 1.3b3 (login) Remote Authentication Bypass Software : Open Computer and Software (OCS) Inventory NG Download : http://www.ocsinventory-ng.org/ Discovered by : Nicolas DEROUET nicolas.derouetgmailcom Version : 1.03-beta3 and prior Impact : Critical Remote : Yes No...
OCS Inventory NG Server 1.3b3 Remote Authentication Bypass
OCS Inventory NG Server passwd != md5 $POST"pass" and 111 $row-passwd != $POST"pass" == Exploit == function inject document.getElementById'log'.action = document.getElementById'ocsreports'.value + 'index.php'; sql = "0' UNION SELECT id, accesslv...
al3jeb script - Remote Authentication Bypass
al3jeb script - Remote Authentication Bypass al3jeb script Remote Login Bypass Exploit (works only with magic_quotes_gpc = off) Discovered: cr4wl3r Date: 19.01.2010 Remote:...
al3jeb script - Remote Authentication Bypass
al3jeb script Remote Login Bypass Exploit (works only with magic_quotes_gpc = off) Discovered: cr4wl3r Date: 19.01.2010 Remote: yes Vulnerability Code login.php : PoC:...
MoME CMS 0.8.5 - Remote Authentication Bypass
MoME CMS 0.8.5 - Remote Authentication Bypass MoME CMS Download: http://sourceforge.net/projects/mome/files/ Date: 16.01.2010 Remote: yes Code : // check user and passwd from login ifisset$POST'postedusername' &&...
MoME CMS 0.8.5 - Remote Authentication Bypass
MoME CMS Download: http://sourceforge.net/projects/mome/files/ Date: 16.01.2010 Remote: yes Code : // check user and passwd from login ifisset$POST'postedusername' && isset$POST'postedpassword' $query="SELECT FROM users WHERE...
RoseOnlineCMS 3 B1 - Remote Authentication Bypass
RoseOnlineCMS Download: http://sourceforge.net/projects/rosecms/files/ Date: 16.01.2010 Remote: yes Code : " method="post" Username: Password: ?php ifisset$POST'submit' // username and password sent from signup form $USER =...
CVE-2010-0080
Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 Bundle, 21 and 9.0 Bundle 11 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...
CVE-2009-1996
Unspecified vulnerability in the Logical Standby component in Oracle Database allows remote authenticated users to affect integrity via unknown vectors...
CVE-2009-4597
Multiple SQL injection vulnerabilities in index.php in PHP Inventory 1.2 allow (1) remote authenticated users to execute arbitrary SQL commands via the userid parameter in a users details action, and allow remote attackers to execute arbitrary SQL commands via the (2) user (username) and (3) pass (passwor...
CVE-2009-4546
The CVE-2009-4546 entry affects Logoshows BBS 2.0, specifically the globepersonnel_login.asp authentication page. The vulnerability allows remote attackers to bypass authentication and gain administrative access by manipulating cookies (pb_username and level). This corresponds to a cookie-based a...
Design/Logic Flaw
The Organic Groups (OG) Vocabulary module 6.x before 6.x-1.0 for Drupal allows remote authenticated group members to bypass intended access restrictions, and create, modify, or read a vocabulary, via unspecified vectors...
CVE-2009-4449
Directory traversal vulnerability in MyBB (aka MyBulletinBoard) 1.4.10, and possibly earlier versions, when changing the user avatar from the gallery, allows remote authenticated users to determine the existence of files via directory traversal sequences in the avatar and possibly the gallery...
CVE-2009-4133
CVE-2009-4133 affects Condor (versions 6.5.4–7.2.4, 7.3.x, and 7.4.0 as used in MRG/GRID environments). The issue allows remote authenticated users to queue jobs as an arbitrary user by using a Condor CLI tool to modify an unspecified job attribute, enabling privilege elevation (partial confident...
LinkPal 1.0 SQL Injection
Type: Auth Bypass Remote SQL Injection Vulnerability Vendor: www.datachecknh.com Software: LinkPal v1.0 Price $$9.95 One-time fee author: R3d-D3v!L Date: 15.d3c.2009 T!ME: 08:14 p//\ Home: www.Xp10.Me E-MaiL : [email protected] DEV!L'5 of...
SQL injection
Multiple SQL injection vulnerabilities in TestLink before 1.8.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the Test Case ID field to lib/general/navBar.php or (2) the logLevel parameter to lib/events/eventviewer.php...
PHP Inventory 1.2 SQL Injection
PHP Inventory v1.2 Remote Auth Bypass SQL Injection Vulnerability Found By: mrme Download: http://www.phpwares.com/content/php-inventory Tested On: Windows Vista Note: For educational purposes only First of all let's login to admin with: http://server/php-inventory/index.php username: ' or 1=1--...
Microsoft Internet Authentication Service MS-CHAP Security Bypass (MS09-071; CVE-2009-3677)
An elevation of privilege vulnerability has been reported in the Internet Authentication Service. Internet Authentication Service (IAS) is the Microsoft implementation of a Remote Authentication Dial-in User Service (RADIUS) server and proxy. As a RADIUS server, IAS performs centralized connection...